646725efb7
Close #1463 Squashed commit of the following: commit d5bdc939a2ae9f6d1ae879e4225b1dce09657b92 Author: Simon Zolin <s.zolin@adguard.com> Date: Mon Mar 16 16:39:17 2020 +0300 minor commit e15b56a0d9db182f9d30b434584018cb1bf038d5 Author: Simon Zolin <s.zolin@adguard.com> Date: Thu Mar 12 14:39:07 2020 +0300 minor commit 77bf59ca6e556b75af48c5987866af6d5025dae8 Author: Simon Zolin <s.zolin@adguard.com> Date: Thu Mar 12 14:30:04 2020 +0300 minor commit e19c13f82dd408ed638bd4b68d21cdfebbdf782f Author: Simon Zolin <s.zolin@adguard.com> Date: Thu Mar 12 14:24:50 2020 +0300 minor commit 9113c6dae6263aa7ee6e4295c2b60dd3083e2bf0 Author: Simon Zolin <s.zolin@adguard.com> Date: Thu Mar 12 14:02:06 2020 +0300 minor commit 70283e329e32def3375e893f806a2a02d8ca9f57 Author: Simon Zolin <s.zolin@adguard.com> Date: Thu Mar 12 13:35:11 2020 +0300 logical module Filtering commit 837a255c6a04941e9fc007a56d71faf4c4213257 Author: Simon Zolin <s.zolin@adguard.com> Date: Thu Mar 12 13:11:37 2020 +0300 minor commit 1853ed2b57a86dd49508023f47218219399b4fe5 Author: Simon Zolin <s.zolin@adguard.com> Date: Thu Mar 12 12:59:28 2020 +0300 refactor commit 1ba3cc53c76255439fe54693b40ee9665fdc15e4 Author: Simon Zolin <s.zolin@adguard.com> Date: Wed Mar 11 20:12:53 2020 +0300 * filters: optimize update procedure
390 lines
10 KiB
Go
390 lines
10 KiB
Go
package home
|
|
|
|
import (
|
|
"encoding/json"
|
|
"fmt"
|
|
"io/ioutil"
|
|
"net"
|
|
"net/http"
|
|
"net/url"
|
|
"os"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/AdguardTeam/golibs/log"
|
|
"github.com/miekg/dns"
|
|
)
|
|
|
|
// IsValidURL - return TRUE if URL is valid
|
|
func IsValidURL(rawurl string) bool {
|
|
url, err := url.ParseRequestURI(rawurl)
|
|
if err != nil {
|
|
return false //Couldn't even parse the rawurl
|
|
}
|
|
if len(url.Scheme) == 0 {
|
|
return false //No Scheme found
|
|
}
|
|
return true
|
|
}
|
|
|
|
type filterAddJSON struct {
|
|
Name string `json:"name"`
|
|
URL string `json:"url"`
|
|
Whitelist bool `json:"whitelist"`
|
|
}
|
|
|
|
func (f *Filtering) handleFilteringAddURL(w http.ResponseWriter, r *http.Request) {
|
|
fj := filterAddJSON{}
|
|
err := json.NewDecoder(r.Body).Decode(&fj)
|
|
if err != nil {
|
|
httpError(w, http.StatusBadRequest, "Failed to parse request body json: %s", err)
|
|
return
|
|
}
|
|
|
|
if !IsValidURL(fj.URL) {
|
|
http.Error(w, "Invalid URL", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
// Check for duplicates
|
|
if filterExists(fj.URL) {
|
|
httpError(w, http.StatusBadRequest, "Filter URL already added -- %s", fj.URL)
|
|
return
|
|
}
|
|
|
|
// Set necessary properties
|
|
filt := filter{
|
|
Enabled: true,
|
|
URL: fj.URL,
|
|
Name: fj.Name,
|
|
white: fj.Whitelist,
|
|
}
|
|
filt.ID = assignUniqueFilterID()
|
|
|
|
// Download the filter contents
|
|
ok, err := f.update(&filt)
|
|
if err != nil {
|
|
httpError(w, http.StatusBadRequest, "Couldn't fetch filter from url %s: %s", filt.URL, err)
|
|
return
|
|
}
|
|
if !ok {
|
|
httpError(w, http.StatusBadRequest, "Filter at the url %s is invalid (maybe it points to blank page?)", filt.URL)
|
|
return
|
|
}
|
|
|
|
// URL is deemed valid, append it to filters, update config, write new filter file and tell dns to reload it
|
|
if !filterAdd(filt) {
|
|
httpError(w, http.StatusBadRequest, "Filter URL already added -- %s", filt.URL)
|
|
return
|
|
}
|
|
|
|
onConfigModified()
|
|
enableFilters(true)
|
|
|
|
_, err = fmt.Fprintf(w, "OK %d rules\n", filt.RulesCount)
|
|
if err != nil {
|
|
httpError(w, http.StatusInternalServerError, "Couldn't write body: %s", err)
|
|
}
|
|
}
|
|
|
|
func (f *Filtering) handleFilteringRemoveURL(w http.ResponseWriter, r *http.Request) {
|
|
|
|
type request struct {
|
|
URL string `json:"url"`
|
|
Whitelist bool `json:"whitelist"`
|
|
}
|
|
req := request{}
|
|
err := json.NewDecoder(r.Body).Decode(&req)
|
|
if err != nil {
|
|
httpError(w, http.StatusBadRequest, "Failed to parse request body json: %s", err)
|
|
return
|
|
}
|
|
|
|
if !IsValidURL(req.URL) {
|
|
http.Error(w, "URL parameter is not valid request URL", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
// go through each element and delete if url matches
|
|
config.Lock()
|
|
newFilters := []filter{}
|
|
filters := &config.Filters
|
|
if req.Whitelist {
|
|
filters = &config.WhitelistFilters
|
|
}
|
|
for _, filter := range *filters {
|
|
if filter.URL != req.URL {
|
|
newFilters = append(newFilters, filter)
|
|
} else {
|
|
err := os.Rename(filter.Path(), filter.Path()+".old")
|
|
if err != nil {
|
|
log.Error("os.Rename: %s: %s", filter.Path(), err)
|
|
}
|
|
}
|
|
}
|
|
// Update the configuration after removing filter files
|
|
*filters = newFilters
|
|
config.Unlock()
|
|
|
|
onConfigModified()
|
|
enableFilters(true)
|
|
|
|
// Note: the old files "filter.txt.old" aren't deleted - it's not really necessary,
|
|
// but will require the additional code to run after enableFilters() is finished: i.e. complicated
|
|
}
|
|
|
|
type filterURLJSON struct {
|
|
Name string `json:"name"`
|
|
URL string `json:"url"`
|
|
Enabled bool `json:"enabled"`
|
|
}
|
|
|
|
type filterURLReq struct {
|
|
URL string `json:"url"`
|
|
Whitelist bool `json:"whitelist"`
|
|
Data filterURLJSON `json:"data"`
|
|
}
|
|
|
|
func (f *Filtering) handleFilteringSetURL(w http.ResponseWriter, r *http.Request) {
|
|
fj := filterURLReq{}
|
|
err := json.NewDecoder(r.Body).Decode(&fj)
|
|
if err != nil {
|
|
httpError(w, http.StatusBadRequest, "json decode: %s", err)
|
|
return
|
|
}
|
|
|
|
if !IsValidURL(fj.URL) {
|
|
http.Error(w, "invalid URL", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
filt := filter{
|
|
Enabled: fj.Data.Enabled,
|
|
Name: fj.Data.Name,
|
|
URL: fj.Data.URL,
|
|
}
|
|
status := f.filterSetProperties(fj.URL, filt, fj.Whitelist)
|
|
if (status & statusFound) == 0 {
|
|
http.Error(w, "URL doesn't exist", http.StatusBadRequest)
|
|
return
|
|
}
|
|
if (status & statusURLExists) != 0 {
|
|
http.Error(w, "URL already exists", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
onConfigModified()
|
|
restart := false
|
|
if (status & statusEnabledChanged) != 0 {
|
|
// we must add or remove filter rules
|
|
restart = true
|
|
}
|
|
if (status&statusUpdateRequired) != 0 && fj.Data.Enabled {
|
|
// download new filter and apply its rules
|
|
flags := FilterRefreshBlocklists
|
|
if fj.Whitelist {
|
|
flags = FilterRefreshAllowlists
|
|
}
|
|
nUpdated, _ := f.refreshFilters(flags, true)
|
|
// if at least 1 filter has been updated, refreshFilters() restarts the filtering automatically
|
|
// if not - we restart the filtering ourselves
|
|
restart = false
|
|
if nUpdated == 0 {
|
|
restart = true
|
|
}
|
|
}
|
|
if restart {
|
|
enableFilters(true)
|
|
}
|
|
}
|
|
|
|
func (f *Filtering) handleFilteringSetRules(w http.ResponseWriter, r *http.Request) {
|
|
body, err := ioutil.ReadAll(r.Body)
|
|
if err != nil {
|
|
httpError(w, http.StatusBadRequest, "Failed to read request body: %s", err)
|
|
return
|
|
}
|
|
|
|
config.UserRules = strings.Split(string(body), "\n")
|
|
onConfigModified()
|
|
enableFilters(true)
|
|
}
|
|
|
|
func (f *Filtering) handleFilteringRefresh(w http.ResponseWriter, r *http.Request) {
|
|
type Req struct {
|
|
White bool `json:"whitelist"`
|
|
}
|
|
type Resp struct {
|
|
Updated int `json:"updated"`
|
|
}
|
|
resp := Resp{}
|
|
var err error
|
|
|
|
req := Req{}
|
|
err = json.NewDecoder(r.Body).Decode(&req)
|
|
if err != nil {
|
|
httpError(w, http.StatusBadRequest, "json decode: %s", err)
|
|
return
|
|
}
|
|
|
|
Context.controlLock.Unlock()
|
|
flags := FilterRefreshBlocklists
|
|
if req.White {
|
|
flags = FilterRefreshAllowlists
|
|
}
|
|
resp.Updated, err = f.refreshFilters(flags|FilterRefreshForce, false)
|
|
Context.controlLock.Lock()
|
|
if err != nil {
|
|
httpError(w, http.StatusInternalServerError, "%s", err)
|
|
return
|
|
}
|
|
|
|
js, err := json.Marshal(resp)
|
|
if err != nil {
|
|
httpError(w, http.StatusInternalServerError, "json encode: %s", err)
|
|
return
|
|
}
|
|
w.Header().Set("Content-Type", "application/json")
|
|
_, _ = w.Write(js)
|
|
}
|
|
|
|
type filterJSON struct {
|
|
ID int64 `json:"id"`
|
|
Enabled bool `json:"enabled"`
|
|
URL string `json:"url"`
|
|
Name string `json:"name"`
|
|
RulesCount uint32 `json:"rules_count"`
|
|
LastUpdated string `json:"last_updated"`
|
|
}
|
|
|
|
type filteringConfig struct {
|
|
Enabled bool `json:"enabled"`
|
|
Interval uint32 `json:"interval"` // in hours
|
|
Filters []filterJSON `json:"filters"`
|
|
WhitelistFilters []filterJSON `json:"whitelist_filters"`
|
|
UserRules []string `json:"user_rules"`
|
|
}
|
|
|
|
func filterToJSON(f filter) filterJSON {
|
|
fj := filterJSON{
|
|
ID: f.ID,
|
|
Enabled: f.Enabled,
|
|
URL: f.URL,
|
|
Name: f.Name,
|
|
RulesCount: uint32(f.RulesCount),
|
|
}
|
|
|
|
if !f.LastUpdated.IsZero() {
|
|
fj.LastUpdated = f.LastUpdated.Format(time.RFC3339)
|
|
}
|
|
|
|
return fj
|
|
}
|
|
|
|
// Get filtering configuration
|
|
func (f *Filtering) handleFilteringStatus(w http.ResponseWriter, r *http.Request) {
|
|
resp := filteringConfig{}
|
|
config.RLock()
|
|
resp.Enabled = config.DNS.FilteringEnabled
|
|
resp.Interval = config.DNS.FiltersUpdateIntervalHours
|
|
for _, f := range config.Filters {
|
|
fj := filterToJSON(f)
|
|
resp.Filters = append(resp.Filters, fj)
|
|
}
|
|
for _, f := range config.WhitelistFilters {
|
|
fj := filterToJSON(f)
|
|
resp.WhitelistFilters = append(resp.WhitelistFilters, fj)
|
|
}
|
|
resp.UserRules = config.UserRules
|
|
config.RUnlock()
|
|
|
|
jsonVal, err := json.Marshal(resp)
|
|
if err != nil {
|
|
httpError(w, http.StatusInternalServerError, "json encode: %s", err)
|
|
return
|
|
}
|
|
w.Header().Set("Content-Type", "application/json")
|
|
_, err = w.Write(jsonVal)
|
|
if err != nil {
|
|
httpError(w, http.StatusInternalServerError, "http write: %s", err)
|
|
}
|
|
}
|
|
|
|
// Set filtering configuration
|
|
func (f *Filtering) handleFilteringConfig(w http.ResponseWriter, r *http.Request) {
|
|
req := filteringConfig{}
|
|
err := json.NewDecoder(r.Body).Decode(&req)
|
|
if err != nil {
|
|
httpError(w, http.StatusBadRequest, "json decode: %s", err)
|
|
return
|
|
}
|
|
|
|
if !checkFiltersUpdateIntervalHours(req.Interval) {
|
|
httpError(w, http.StatusBadRequest, "Unsupported interval")
|
|
return
|
|
}
|
|
|
|
config.DNS.FilteringEnabled = req.Enabled
|
|
config.DNS.FiltersUpdateIntervalHours = req.Interval
|
|
onConfigModified()
|
|
enableFilters(true)
|
|
}
|
|
|
|
type checkHostResp struct {
|
|
Reason string `json:"reason"`
|
|
FilterID int64 `json:"filter_id"`
|
|
Rule string `json:"rule"`
|
|
|
|
// for FilteredBlockedService:
|
|
SvcName string `json:"service_name"`
|
|
|
|
// for ReasonRewrite:
|
|
CanonName string `json:"cname"` // CNAME value
|
|
IPList []net.IP `json:"ip_addrs"` // list of IP addresses
|
|
}
|
|
|
|
func (f *Filtering) handleCheckHost(w http.ResponseWriter, r *http.Request) {
|
|
q := r.URL.Query()
|
|
host := q.Get("name")
|
|
|
|
setts := Context.dnsFilter.GetConfig()
|
|
setts.FilteringEnabled = true
|
|
ApplyBlockedServices(&setts, config.DNS.BlockedServices)
|
|
result, err := Context.dnsFilter.CheckHost(host, dns.TypeA, &setts)
|
|
if err != nil {
|
|
httpError(w, http.StatusInternalServerError, "couldn't apply filtering: %s: %s", host, err)
|
|
return
|
|
}
|
|
|
|
resp := checkHostResp{}
|
|
resp.Reason = result.Reason.String()
|
|
resp.FilterID = result.FilterID
|
|
resp.Rule = result.Rule
|
|
resp.SvcName = result.ServiceName
|
|
resp.CanonName = result.CanonName
|
|
resp.IPList = result.IPList
|
|
js, err := json.Marshal(resp)
|
|
if err != nil {
|
|
httpError(w, http.StatusInternalServerError, "json encode: %s", err)
|
|
return
|
|
}
|
|
w.Header().Set("Content-Type", "application/json")
|
|
_, _ = w.Write(js)
|
|
}
|
|
|
|
// RegisterFilteringHandlers - register handlers
|
|
func (f *Filtering) RegisterFilteringHandlers() {
|
|
httpRegister("GET", "/control/filtering/status", f.handleFilteringStatus)
|
|
httpRegister("POST", "/control/filtering/config", f.handleFilteringConfig)
|
|
httpRegister("POST", "/control/filtering/add_url", f.handleFilteringAddURL)
|
|
httpRegister("POST", "/control/filtering/remove_url", f.handleFilteringRemoveURL)
|
|
httpRegister("POST", "/control/filtering/set_url", f.handleFilteringSetURL)
|
|
httpRegister("POST", "/control/filtering/refresh", f.handleFilteringRefresh)
|
|
httpRegister("POST", "/control/filtering/set_rules", f.handleFilteringSetRules)
|
|
httpRegister("GET", "/control/filtering/check_host", f.handleCheckHost)
|
|
}
|
|
|
|
func checkFiltersUpdateIntervalHours(i uint32) bool {
|
|
return i == 0 || i == 1 || i == 12 || i == 1*24 || i == 3*24 || i == 7*24
|
|
}
|